<<<<<<< .mine
<!--
Computer Science Course 531 - Introduction to Software Engineering
Olive Insurance Client Management System (Client Database Access)
Version 1.0 (Base System)
Spring 2011

-- Source Code Details --
Page Tile: agentAccountDetails.php
Created By: David Gonzalez, Computer Science (Undergraduate)
Documented By: Darrius Serrant, Computer Science (Undergraduate)
Purpose: User interface allowing the system administrator add, remove, and modify
        user accounts.
Status: Completed. Code optimization is now pending.
-->

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <script LANGUAGE="JavaScript" SRC="CalendarPopup.js"></script>
	<script LANGUAGE="JavaScript">
	var cal = new CalendarPopup();
	</script>
        <title>
            Olive Insurance Client Management System - Group Details
        </title>
        <link rel="stylesheet" type="text/css" href="styles/main.css" />
    </head>
    <body>
        <div id ="contentbox">

            <div id="header">
                <img src="images/header.gif" alt="Olive Insurance Client Management System, Version 1.0" />
            </div>
            <div id="separator">
                <img src="images/separator.gif" alt="" />
            </div>

        <?php
                /*
         * PHP Documentation: Handles the insertion, modification, and deletion of groups
         *                    based on the attributes presented in the POST header (i.e. INSERT for 'save',
         *                    UPDATE for 'update', and DELETE for 'delete').
         */
        session_start();
        require_once('connectvars.php');
        $display = "yes";
        if(isset($_SESSION['user_name'])){
            if(isset($_POST['save'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));

        if(!empty ($cname) && !empty ($cperson) && !empty ($address) && !empty ($carrier)
                && !empty ($city) && !empty ($ctype) && !empty ($bnumber) && !empty ($edate)
                && !empty ($fnumber) && !empty ($rdate)){
            $query = "INSERT INTO groups (Company_Name, Contact, Address, Carrier, City,".
            "Type, Phone, Effective, Fax, Renewal) VALUES ('$cname','$cperson','$address','$carrier',".
            "'$city','$ctype','$bnumber','$edate','$fnumber','$rdate')";
            $data = mysqli_query($dbc, $query);

            mysqli_close($dbc);
            echo "Record Saved <br>";

        }
        else{
            echo "All fields need to be entered!<br>";
        }
        }
        if(isset($_POST['delete'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));

        if(!empty ($cname)){
            $query = "SELECT * FROM groups WHERE Company_Name = '$cname'";
            $result = mysqli_query($dbc, $query) or die("Error");
            ?><form action ="agencyGroupDetails.php" method="post"><?php
            while($row = mysqli_fetch_array($result)){
                echo '<input type ="radio" value="'.$row['id'].
                '" name ="todelete[]" />';
                echo $row['Company_Name'].' '.$row['Type'].' '.$row['Contact'].'<br/>';
            }
            ?>

        <input type="submit" name="remove" value="Remove"/>
        <input type="submit" name="reload" value="Back"/>
        <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
        </div>
        </form>
        <?php
            $display = "no";
        }else{
            mysqli_close($dbc);
            echo "Must have Company Name";
        }
        }
        if(isset($_POST['remove'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
            foreach($_POST['todelete'] as $deleteid){
                $query = "DELETE FROM groups WHERE id = '$deleteid'";
                mysqli_query($dbc,$query) or die("ERROR DELETING");
            }
            $display = "yes";
            mysqli_close($dbc);
            echo "Record Deleted";
        }
        if(isset($_POST['find'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
            foreach($_POST['toupload'] as $uploadid){
                $query = "SELECT * FROM groups WHERE id = '$uploadid'";
                $data = mysqli_query($dbc,$query) or die("ERROR Finding");
                $row = mysqli_fetch_array($data);
            }
            $display = "No";
            echo "Record Uploaded";
            ?>
                <div id="content">

        <div id="userBlock" class="left">
	<span class="user"><?php echo "(".$_SESSION['user_name'].")"?></span>
	<span class="logout"><a href="logOut.php">log out</a></span> <br />
	<span class="userclass">System Administrator</span>
	</div>

	<p id="backHome">
		<a href="mainPage.php">back to main page</a>
		</p>
		<h3 class="leftclear">
		Group Details
        	</h3>

            <div id = "managementForm">
            <form action="agencyGroupDetails.php" method="POST" name ="Group">
            <div id="formfields" class="left">
		<fieldset>
		<legend>Data Entry Fields</legend>
		<p class="errormessage">
		</p>
		<div class="field_container">
		<label for ="cname">Company Name:</label>
                <input type ="text" id="cname" name ="cname" value="<?php echo $row['Company_Name']?>"/>
		</div>
                <div class="field_container">
		 <label for ="address">Address:</label>
                <input type ="text" id="address" name ="address" value ="<?php echo $row['Address']?>"/>
		</div>
		<div class="field_container">
		<label for ="city">City:</label>
                <input type ="text" id="city" name ="city" value ="<?php echo $row['City']?>"/>
		</div>
		<div class="field_container">
		<label for ="cperson">Contact Person:</label>
                <input type ="text" id ="cperson" name ="cperson" value ="<?php echo $row['Contact']?>"/>
		</div>
		<div class="field_container">
		<label for ="bnumber">Business Number:</label>
                <input type ="text" id="bnumber" name ="bnumber" value ="<?php echo $row['Phone']?>"/>
		</div>
		<div class="field_container">
		<label for ="fnumber">Fax Number:</label>
                <input type ="text" id="fnumber" name ="fnumber" value ="<?php echo $row['Fax']?>"/>
		</div>
		<div class="field_container">
		<label for ="ctype">Coverage Type:</label>
                <select name="ctype" id ="carrier">
                <?php
               require_once('getCoverageTypeList.php');
               ?>
               </select>
		</div>
		<div class="field_container">
                <label for ="carrier">     Carrier:</label>
                <select name="carrier" id ="carrier">
                <?php
                require_once('getCarrierList.php');
                ?>
                </select>
		</div>
		<div class="field_container">
		<label for ="edate">Effective Date:</label>
                <input type ="text" id ="edate" name ="edate" value="<?php echo $row['Effective']?>" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].edate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
                </div>
		<div class="field_container">
		<label for ="rdate">Renewal Date:</label>
                <input type ="text" id ="rdate" name ="rdate" value="<?php echo $row['Renewal']?>" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].rdate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
		</div>
		</fieldset>
		</div>
		<div id="formbuttons">
		<fieldset>
		<legend>Management Actions</legend>
                <input type="hidden" value="<?php echo $row['id']?>" name="id"/>
                <input type="submit" class="manageButton" name="update" value="Update Group" />
                <input type="submit" class="manageButton" name="save" value="Save Group" />
		<input type="submit" class="manageButton" name="delete" value="Delete Group" />
		<input type="submit" class="manageButton" name="search" value="Search Group" />
		</fieldset>
                </div>
                </form>
		</div>

            <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
            </div>

        </div>
        <?php
            mysqli_close($dbc);
        }
        /*
         * PHP Documentation: Handles the insertion, modification, and deletion of groups
         *                    based on the attributes presented in the POST header (i.e. INSERT for 'save',
         *                    UPDATE for 'update', and DELETE for 'delete').
         */

        if(isset($_POST['update'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));
            $id = mysqli_real_escape_string($dbc,trim($_POST['id']));
            
            if(!empty ($cname) && !empty ($cperson) && !empty ($address) && !empty ($carrier)
                && !empty ($city) && !empty ($ctype) && !empty ($bnumber) && !empty ($edate)
                && !empty ($fnumber) && !empty ($rdate)){
                $query = "UPDATE groups SET Company_Name = '$cname', Contact = '$cperson', Address = '$address',".
                "Carrier = '$carrier', City = '$city',Type = '$ctype', Phone = '$bnumber', Effective = '$edate',".
                "Fax = '$fnumber', Renewal = '$rdate' WHERE id = '$id'";
                $data = mysqli_query($dbc, $query);
                mysqli_close($dbc);
                echo "Record Updated <br>";
            }else{
                echo "All fields need to be entered!<br>";
            }
        }
        if(isset($_POST['search'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));

        if(!empty ($cname)){
            $query = "SELECT * FROM groups WHERE Company_Name = '$cname'";
            $result = mysqli_query($dbc, $query) or die("Error");
            ?><form action ="agencyGroupDetails.php" method="post"><?php
            while($row = mysqli_fetch_array($result)){
                echo '<input type ="radio" value="'.$row['id'].
                '" name ="toupload[]" />';
                echo $row['Company_Name'].' '.$row['Type'].' '.$row['Carrier'].' '.$row['Contact'].'<br/>';
            }
            ?>

        <input type="submit" name="find" value="Find"/>
        <input type="submit" name="reload" value="Back"/>
        <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
        </div>
        </form>
        <?php
            $display = "no";
        }else{
            mysqli_close($dbc);
            echo "Must have Company Name";
        }
        }
        if(isset($_POST['reload'])){
            header('Location: ./agencyGroupDetails.php');
        }
        if($display == "yes"){
        $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);     
        ?>
        <div id="content">

        <div id="userBlock" class="left">
	<span class="user"><?php echo "(".$_SESSION['user_name'].")"?></span>
	<span class="logout"><a href="logOut.php">log out</a></span> <br />
	<span class="userclass">System Administrator</span>
	</div>

	<p id="backHome">
		<a href="mainPage.php">back to main page</a>
		</p>
		<h3 class="leftclear">
		Group Details
        	</h3>

            <div id = "managementForm">
            <form action="agencyGroupDetails.php" method="POST" name ="Group">
            <div id="formfields" class="left">
		<fieldset>
		<legend>Data Entry Fields</legend>
		<p class="errormessage">
		</p>
		<div class="field_container">
		<label for ="cname">Company Name:</label>
                <input type ="text" id="cname" name ="cname"/>
		</div>
                <div class="field_container">
		 <label for ="address">Address:</label>
                <input type ="text" id="address" name ="address"/>
		</div>
		<div class="field_container">
		<label for ="city">City:</label>
                <input type ="text" id="city" name ="city"/>
		</div>
		<div class="field_container">
		<label for ="cperson">Contact Person:</label>
                <input type ="text" id ="cperson" name ="cperson"/>
		</div>
		<div class="field_container">
		<label for ="bnumber">Business Number:</label>
                <input type ="text" id="bnumber" name ="bnumber"/>
		</div>
		<div class="field_container">
		<label for ="fnumber">Fax Number:</label>
                <input type ="text" id="fnumber" name ="fnumber"/>
		</div>
		<div class="field_container">
		<label for ="ctype">Coverage Type:</label>
                <select name="ctype" id ="carrier">
                <?php
               require_once('getCoverageTypeList.php');
               ?>
               </select>
		</div>
		<div class="field_container">
                <label for ="carrier">     Carrier:</label>
                <select name="carrier" id ="carrier">
                <?php
                require_once('getCarrierList.php');
                ?>
                </select>
		</div>
		<div class="field_container">
		<label for ="edate">Effective Date:</label>
                <input type ="text" id ="edate" name ="edate" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].edate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
                </div>
		<div class="field_container">
		<label for ="rdate">Renewal Date:</label>
                <input type ="text" id ="rdate" name ="rdate" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].rdate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
		</div>
		</fieldset>
		</div>
		<div id="formbuttons">
		<fieldset>
		<legend>Management Actions</legend>
                <input type="submit" class="manageButton" name="save" value="Save Group" />
		<input type="submit" class="manageButton" name="delete" value="Delete Group" />
		<input type="submit" class="manageButton" name="search" value="Search Group" />
		</fieldset>
                </div>
                </form>
		</div>

            <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
            </div>

        </div><?php
                /*
         * PHP Documentation: Login page redirection for unauthenticated users.
         *
         */
        mysqli_close($dbc);
        }
        }else{
            ?>
            <div id="loginbox">
                <p class="sectionheader">
                    Authentication Required
                </p>
                <div id="loginform">
                    <div class="invalid">
                        <img src="images/Progress_Wheel.gif" alt="" />This page is restricted from unauthorized users. Please log in.
                    </div>
                </div>
            </div>
             <?php
                header('Refresh: 2; ./loginPage.php');
        }
        ?>
        </div>
    </body>
</html>
=======
<!--
Computer Science Course 531 - Introduction to Software Engineering
Olive Insurance Client Management System (Client Database Access)
Version 1.0 (Base System)
Spring 2011

-- Source Code Details --
Page Tile: agentAccountDetails.php
Created By: David Gonzalez, Computer Science (Undergraduate)
Documented By: Darrius Serrant, Computer Science (Undergraduate)
Purpose: User interface allowing the system administrator add, remove, and modify
        user accounts.
Status: In Evaluation: All security blocks, form validation, and database
         connectivity features have been omitted for the time being to illustrate
         the application's basic flow and functionality.
-->

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
   <html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
        <script LANGUAGE="JavaScript" SRC="CalendarPopup.js"></script>
	<script LANGUAGE="JavaScript">
	var cal = new CalendarPopup();
	</script>
        <title>
            Olive Insurance Client Management System - Group Details
        </title>
        <link rel="stylesheet" type="text/css" href="styles/main.css" />
    </head>
    <body>
        <div id ="contentbox">

            <div id="header">
                <img src="images/header.gif" alt="Olive Insurance Client Management System, Version 1.0" />
            </div>
            <div id="separator">
                <img src="images/separator.gif" alt="" />
            </div>

        <?php
        session_start();
        require_once('connectvars.php');
        $display = "yes";
        if(isset($_SESSION['user_name'])){
            if(isset($_POST['save'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));

        if(!empty ($cname) && !empty ($cperson) && !empty ($address) && !empty ($carrier)
                && !empty ($city) && !empty ($ctype) && !empty ($bnumber) && !empty ($edate)
                && !empty ($fnumber) && !empty ($rdate)){
            $query = "INSERT INTO groups (Company_Name, Contact, Address, Carrier, City,".
            "Type, Phone, Effective, Fax, Renewal) VALUES ('$cname','$cperson','$address','$carrier',".
            "'$city','$ctype','$bnumber','$edate','$fnumber','$rdate')";
            $data = mysqli_query($dbc, $query);

            mysqli_close($dbc);
            echo "Record Saved <br>";

        }
        else{
            echo "All fields need to be entered!<br>";
        }
        }
        if(isset($_POST['delete'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));

        if(!empty ($cname)){
            $query = "SELECT * FROM groups WHERE Company_Name = '$cname'";
            $result = mysqli_query($dbc, $query) or die("Error");
            ?><form action ="agencyGroupDetails.php" method="post"><?php
            while($row = mysqli_fetch_array($result)){
                echo '<input type ="radio" value="'.$row['id'].
                '" name ="todelete[]" />';
                echo $row['Company_Name'].' '.$row['Type'].' '.$row['Contact'].'<br/>';
            }
            ?>

        <input type="submit" name="remove" value="Remove"/>
        <input type="submit" name="reload" value="Back"/>
        <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
        </div>
        </form>
        <?php
            $display = "no";
        }else{
            mysqli_close($dbc);
            echo "Must have Company Name";
        }
        }
        if(isset($_POST['remove'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
            foreach($_POST['todelete'] as $deleteid){
                $query = "DELETE FROM groups WHERE id = '$deleteid'";
                mysqli_query($dbc,$query) or die("ERROR DELETING");
            }
            $display = "yes";
            mysqli_close($dbc);
            echo "Record Deleted";
        }
        if(isset($_POST['find'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);
            foreach($_POST['toupload'] as $uploadid){
                $query = "SELECT * FROM groups WHERE id = '$uploadid'";
                $data = mysqli_query($dbc,$query) or die("ERROR Finding");
                $row = mysqli_fetch_array($data);
            }
            $display = "No";
            echo "Record Uploaded";
            ?>
                <div id="content">

        <div id="userBlock" class="left">
	<span class="user"><?php echo "(".$_SESSION['user_name'].")"?></span>
	<span class="logout"><a href="logOut.php">log out</a></span> <br />
	<span class="userclass">System Administrator</span>
	</div>

	<p id="backHome">
		<a href="mainPage.php">back to main page</a>
		</p>
		<h3 class="leftclear">
		Group Details
        	</h3>

            <div id = "managementForm">
            <form action="agencyGroupDetails.php" method="POST" name ="Group">
            <div id="formfields" class="left">
		<fieldset>
		<legend>Data Entry Fields</legend>
		<p class="errormessage">
		</p>
		<div class="field_container">
		<label for ="cname">Company Name:</label>
                <input type ="text" id="cname" name ="cname" value="<?php echo $row['Company_Name']?>"/>
		</div>
                <div class="field_container">
		 <label for ="address">Address:</label>
                <input type ="text" id="address" name ="address" value ="<?php echo $row['Address']?>"/>
		</div>
		<div class="field_container">
		<label for ="city">City:</label>
                <input type ="text" id="city" name ="city" value ="<?php echo $row['City']?>"/>
		</div>
		<div class="field_container">
		<label for ="cperson">Contact Person:</label>
                <input type ="text" id ="cperson" name ="cperson" value ="<?php echo $row['Contact']?>"/>
		</div>
		<div class="field_container">
		<label for ="bnumber">Business Number:</label>
                <input type ="text" id="bnumber" name ="bnumber" value ="<?php echo $row['Phone']?>"/>
		</div>
		<div class="field_container">
		<label for ="fnumber">Fax Number:</label>
                <input type ="text" id="fnumber" name ="fnumber" value ="<?php echo $row['Fax']?>"/>
		</div>
		<div class="field_container">
		<label for ="ctype">Coverage Type:</label>
                <select name="ctype" id ="carrier">
                <?php
               require_once('getCoverageTypeList.php');
               ?>
               </select>
		</div>
		<div class="field_container">
                <label for ="carrier">     Carrier:</label>
                <select name="carrier" id ="carrier">
                <?php
                require_once('getCarrierList.php');
                ?>
                </select>
		</div>
		<div class="field_container">
		<label for ="edate">Effective Date:</label>
                <input type ="text" id ="edate" name ="edate" value="<?php echo $row['Effective']?>" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].edate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
                </div>
		<div class="field_container">
		<label for ="rdate">Renewal Date:</label>
                <input type ="text" id ="rdate" name ="rdate" value="<?php echo $row['Renewal']?>" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].rdate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
		</div>
		</fieldset>
		</div>
		<div id="formbuttons">
		<fieldset>
		<legend>Management Actions</legend>
                <input type="hidden" value="<?php echo $row['id']?>" name="id"/>
                <input type="submit" class="manageButton" name="update" value="Update Group" />
                <input type="submit" class="manageButton" name="save" value="Save Group" />
		<input type="submit" class="manageButton" name="delete" value="Delete Group" />
		<input type="submit" class="manageButton" name="search" value="Search Group" />
		</fieldset>
                </div>
                </form>
		</div>

            <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
            </div>

        </div>
        <?php
            mysqli_close($dbc);
        }
        if(isset($_POST['update'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));
            $id = mysqli_real_escape_string($dbc,trim($_POST['id']));
            
            if(!empty ($cname) && !empty ($cperson) && !empty ($address) && !empty ($carrier)
                && !empty ($city) && !empty ($ctype) && !empty ($bnumber) && !empty ($edate)
                && !empty ($fnumber) && !empty ($rdate)){
                $query = "UPDATE groups SET Company_Name = '$cname', Contact = '$cperson', Address = '$address',".
                "Carrier = '$carrier', City = '$city',Type = '$ctype', Phone = '$bnumber', Effective = '$edate',".
                "Fax = '$fnumber', Renewal = '$rdate' WHERE id = '$id'";
                $data = mysqli_query($dbc, $query);
                mysqli_close($dbc);
                echo "Record Updated <br>";
            }else{
                echo "All fields need to be entered!<br>";
            }
        }
        if(isset($_POST['search'])){
            $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);

            $cname = mysqli_real_escape_string($dbc,trim($_POST['cname']));
            $cperson = mysqli_real_escape_string($dbc,trim($_POST['cperson']));
            $address = mysqli_real_escape_string($dbc,trim($_POST['address']));
            $carrier = mysqli_real_escape_string($dbc,trim($_POST['carrier']));
            $city = mysqli_real_escape_string($dbc,trim($_POST['city']));
            $ctype = mysqli_real_escape_string($dbc,trim($_POST['ctype']));
            $bnumber = mysqli_real_escape_string($dbc,trim($_POST['bnumber']));
            $edate = mysqli_real_escape_string($dbc,trim($_POST['edate']));
            $fnumber = mysqli_real_escape_string($dbc,trim($_POST['fnumber']));
            $rdate = mysqli_real_escape_string($dbc,trim($_POST['rdate']));

        if(!empty ($cname)){
            $query = "SELECT * FROM groups WHERE Company_Name = '$cname'";
            $result = mysqli_query($dbc, $query) or die("Error");
            ?><form action ="agencyGroupDetails.php" method="post"><?php
            while($row = mysqli_fetch_array($result)){
                echo '<input type ="radio" value="'.$row['id'].
                '" name ="toupload[]" />';
                echo $row['Company_Name'].' '.$row['Type'].' '.$row['Carrier'].' '.$row['Contact'].'<br/>';
            }
            ?>

        <input type="submit" name="find" value="Find"/>
        <input type="submit" name="reload" value="Back"/>
        <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
        </div>
        </form>
        <?php
            $display = "no";
        }else{
            mysqli_close($dbc);
            echo "Must have Company Name";
        }
        }
        if(isset($_POST['reload'])){
            header('Location: ./agencyGroupDetails.php');
        }
        if($display == "yes"){
        $dbc = mysqli_connect(DB_HOST,DB_USER,DB_PASSWORD,DB_NAME);     
        ?>
        <div id="content">

        <div id="userBlock" class="left">
	<span class="user"><?php echo "(".$_SESSION['user_name'].")"?></span>
	<span class="logout"><a href="logOut.php">log out</a></span> <br />
	<span class="userclass">System Administrator</span>
	</div>

	<p id="backHome">
		<a href="mainPage.php">back to main page</a>
		</p>
		<h3 class="leftclear">
		Group Details
        	</h3>

            <div id = "managementForm">
            <form action="agencyGroupDetails.php" method="POST" name ="Group">
            <div id="formfields" class="left">
		<fieldset>
		<legend>Data Entry Fields</legend>
		<p class="errormessage">
		</p>
		<div class="field_container">
		<label for ="cname">Company Name:</label>
                <input type ="text" id="cname" name ="cname"/>
		</div>
                <div class="field_container">
		 <label for ="address">Address:</label>
                <input type ="text" id="address" name ="address"/>
		</div>
		<div class="field_container">
		<label for ="city">City:</label>
                <input type ="text" id="city" name ="city"/>
		</div>
		<div class="field_container">
		<label for ="cperson">Contact Person:</label>
                <input type ="text" id ="cperson" name ="cperson"/>
		</div>
		<div class="field_container">
		<label for ="bnumber">Business Number:</label>
                <input type ="text" id="bnumber" name ="bnumber"/>
		</div>
		<div class="field_container">
		<label for ="fnumber">Fax Number:</label>
                <input type ="text" id="fnumber" name ="fnumber"/>
		</div>
		<div class="field_container">
		<label for ="ctype">Coverage Type:</label>
                <select name="ctype" id ="carrier">
                <?php
               require_once('getCoverageTypeList.php');
               ?>
               </select>
		</div>
		<div class="field_container">
                <label for ="carrier">     Carrier:</label>
                <select name="carrier" id ="carrier">
                <?php
                require_once('getCarrierList.php');
                ?>
                </select>
		</div>
		<div class="field_container">
		<label for ="edate">Effective Date:</label>
                <input type ="text" id ="edate" name ="edate" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].edate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
                </div>
		<div class="field_container">
		<label for ="rdate">Renewal Date:</label>
                <input type ="text" id ="rdate" name ="rdate" READONLY/>
                <A HREF="#"
                onClick="cal.select(document.forms['Group'].rdate,'anchor1','yyyy-MM-dd'); return false;"
                NAME="anchor1" ID="anchor1">select</A>
		</div>
		</fieldset>
		</div>
		<div id="formbuttons">
		<fieldset>
		<legend>Management Actions</legend>
                <input type="submit" class="manageButton" name="save" value="Save Group" />
		<input type="submit" class="manageButton" name="delete" value="Delete Group" />
		<input type="submit" class="manageButton" name="search" value="Search Group" />
		</fieldset>
                </div>
                </form>
		</div>

            <div id="footer">
                Copyright &copy; 2011 by Olive Insurance, LLC. All rights reserved.
            </div>

        </div><?php
        mysqli_close($dbc);
        }
        }else{
            ?>
            <div id="loginbox">
                <p class="sectionheader">
                    Authentication Required
                </p>
                <div id="loginform">
                    <div class="invalid">
                        <img src="images/Progress_Wheel.gif" alt="" />This page is restricted from unauthorized users. Please log in.
                    </div>
                </div>
            </div>
             <?php
                header('Refresh: 2; ./loginPage.php');
        }
        ?>
        </div>
    </body>
</html>
>>>>>>> .r27
